-
Notifications
You must be signed in to change notification settings - Fork 13
/
http_basic.clj
35 lines (32 loc) · 1.65 KB
/
http_basic.clj
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
(ns geheimtur.impl.http-basic
(:require [io.pedestal.log :as log]
[geheimtur.util.auth :as auth :refer [authenticate]]
[geheimtur.util.response :as response])
(:import org.apache.commons.codec.binary.Base64))
(defn http-basic-identity
[context credential-fn]
(when-let [authorization (get-in context [:request :headers "authorization"])]
(let [[[_ username password]] (try (-> (re-matches #"\s*Basic\s+(.+)" authorization)
^String second
(.getBytes "UTF-8")
Base64/decodeBase64
(String. "UTF-8")
(#(re-seq #"([^:]*):(.*)" %)))
(catch Exception e
(log/info :msg (str "Invalid Authorization header for HTTP Basic auth: "
authorization))))]
(and username password (credential-fn context {:username username
:password password})))))
(defn http-basic-authenticate
[context credential-fn]
(if-let [identity (http-basic-identity context credential-fn)]
(update-in context [:request] authenticate identity)
context))
(defn http-basic-error-handler
"The default handler for HTTP Basic authentication/authorization errors."
[realm]
(fn [context error]
(assoc context :response
(if (= :unauthorized (::auth/type error))
(response/forbidden)
(response/unauthorized realm (:reason error))))))